BING IP Search

Test Objectives

To understand what sensitive design and configuration information of the application/system/organization is exposed both directly (on the organization’s website) or indirectly (on a third party website).
(from the OWASP Testing Guide v4.0 Conduct search engine discovery/reconnaissance for information leakage (OTG-INFO-001)

Expected Results:

  • list of IP addresses linked to FQDN/URL’s and protocol (ftp/http/https)
  • list of discovered domain names
  • virtual host detection

You can use BING to find urls, hosts and domain related information by performing an IP address search. Just use the search operator ip:

bingsearch

From this search we discovered that this IP address related to the following domains:

  • nmap.org
  • sectools.org
  • seclists.org
  • insecure.org

You can narrow your search by adding the hosts/domains you already have on your list with a minus.

bingsearch2

References: